Remote Code Execution via Serialized Session Payload
CVE-2023-40595
8.8HIGH
What is CVE-2023-40595?
In Splunk Enterprise prior to versions 8.2.12, 9.0.6, and 9.1.1, an inherent code execution vulnerability allows attackers to craft specific queries, leading to the potential serialization of untrusted data. This can enable an attacker to execute arbitrary code, significantly compromising the security of the affected system.
Affected Version(s)
Splunk Cloud - < 9.0.2305.200
Splunk Enterprise 8.2 < 8.2.12
Splunk Enterprise 9.0 < 9.0.6